Network access: Allow anonymous SID/name translation
This security setting determines if an anonymous user can request security identifier (SID) attributes for another user.
If this policy is enabled, a user with knowledge of an administrator's SID could contact a computer that has this policy enabled and use the SID to get the administrator's name.
Default on workstations and member servers: Disabled.
Default on domain controllers: Enabled.